From 8dbe27035d73a89bc738b8270674cd597010bff9 Mon Sep 17 00:00:00 2001
From: spamidig
Date: Fri, 15 Sep 2017 09:56:05 -0400
Subject: [PATCH] AIRAVATA-2500 Partial Implementation

---
 modules/compute-account-provisioning/pom.xml | 6 +
 .../IULdapSSHAccountProvisioner.java | 120 +++++++++++++++++-
 .../SSHAccountProvisionerFactoryTest.java | 10 +-
 .../TestSSHAccountProvisionerProvider.java | 8 +-
 4 files changed, 136 insertions(+), 8 deletions(-)

diff --git a/modules/compute-account-provisioning/pom.xml b/modules/compute-account-provisioning/pom.xml
index ee89d33714..de963dfa69 100644
--- a/modules/compute-account-provisioning/pom.xml
+++ b/modules/compute-account-provisioning/pom.xml
@@ -52,6 +52,12 @@ org.slf4j slf4j-api + + + org.apache.directory.api + api-all + 1.0.0 + junit junit
diff --git a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java
index 03fa80321f..331c01c581 100644
--- a/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java
+++ b/modules/compute-account-provisioning/src/main/java/org/apache/airavata/accountprovisioning/provisioner/IULdapSSHAccountProvisioner.java
@@ -22,20 +22,92 @@ import org.apache.airavata.accountprovisioning.ConfigParam;
 import org.apache.airavata.accountprovisioning.SSHAccountProvisioner;
-
+import org.apache.directory.api.ldap.model.cursor.CursorException;
+import org.apache.directory.ldap.client.api.*;
+import org.apache.directory.api.ldap.model.cursor.EntryCursor;
+import org.apache.directory.api.ldap.model.entry.Attribute;
+import org.apache.directory.api.ldap.model.entry.Entry;
+import org.apache.directory.api.ldap.model.entry.Modification;
+import org.apache.directory.api.ldap.model.entry.DefaultEntry;
+import org.apache.directory.api.ldap.model.exception.LdapException;
+import org.apache.directory.api.ldap.model.message.SearchScope;
+import org.apache.directory.api.ldap.model.message.DeleteResponse;
+import org.apache.directory.api.ldap.model.message.ResultCodeEnum;
+import org.junit.Assert;
 import java.util.Map;
+import java.util.List;
-public class IULdapSSHAccountProvisioner implements SSHAccountProvisioner {
+public class IULdapSSHAccountProvisioner implements SSHAccountProvisioner {
+ String ldaphost, adminDN, ldap_username, ldap_password, adminPass, ldapBaseDN;
+ int ldapport, ldapPortId;
+ LdapConnection connection;
 @Override
 public void init(Map config) {
 // TODO: implement
+ ldapServerName = config.get(new ConfigParam("ldaphost"));//"bazooka.hps.iu.edu"
+ ldapPortId = config.get(new ConfigParam("ldapport"));//"636"
+ ldap_username = config.get(new ConfigParam("ldap_username"));//"cn=sgrcusr"
+ ldap_password = config.get(new ConfigParam("ldap_password"));//"lore footwork engorge"
+ ldapBaseDN = config.get(new ConfigParam( "ldapBaseDN" ));//"dc=rt,dc=iu,dc=edu"
+ try {
+ connection = new LdapNetworkConnection(ldaphost, ldapport, true);
+
+
+ System.out.println( "binding connection:" );
+ String AuthDN=ldap_username+","+ldapBaseDN;
+ connection.bind(AuthDN,ldap_password);
+ //check that we're auth'ed and connected
+ System.out.println("asserting bound:");
+ Assert.assertTrue( connection.isAuthenticated() );
+ Assert.assertTrue( connection.isConnected() );
+ } catch (Exception e) {
+ System.out.println("Exception caught!");
+ System.out.println(e.getClass().getCanonicalName());
+ System.out.println(e.getMessage());
+ System.out.println(e.getCause());
+
+ }
+ //catch (LdapException le) {
+ //System.out.println("Ldap Exception caught!", le);
+ //}
+
 }
 @Override
 public boolean hasAccount(String username) {
 // TODO: implement
+ // To verify if the user has a login on a remote host
+ // if not advice the user to get an account (if possible) before returning.
+ // a search at the ldap is used to set the value
+ System.out.println("attempting search:");
+ String uidName="uid="+username;
+ List userClusters = new ArrayList();
+ try {
+ EntryCursor cursor = connection.search( ldapBaseDN, uidName, SearchScope.SUBTREE, "*" );
+ System.out.println( "Printing LDAP-wide results for " + username + ":" );
+ while (cursor.next()) {
+ Entry entry = cursor.get();
+ String DNName = entry.getDn().getName();
+ String[] words=DNName.split(",");
+ String cluster = words[1].replace("ou=");
+ userClusters.add(cluster);
+ //System.out.println( entry.getDn().getName() );
+ //System.out.println( entry.getAttributes() );
+ return true;
+ }
+ cursor.close();
+ }catch (Exception e) {
+ System.out.println( "Exception caught!" );
+ System.out.println( e.getClass().getCanonicalName() );
+ System.out.println( e.getMessage() );
+ System.out.println( e.getCause() );
+ } catch (CursorException ce) {
+ System.out.println( "Cursor Exception caught!" );
+ }catch (LdapException le) {
+ System.out.println( "Ldap Exception caught!" );
+ }
 return false;
 }
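Review bot: The trailing comments on the `config.get(...)` lines in `init` appear to record a real LDAP host, bind DN and bind password; if that password is live it should be rotated, and the comments replaced with neutral ones such as `// bind password, supplied via the credential store`. The `catch (Exception e)` around `connection.bind(...)` only prints, so a failed bind leaves the provisioner initialised without an authenticated connection; the catch should rethrow, and the `org.junit.Assert` calls in main code should become an explicit check such as `if (!connection.isAuthenticated()) throw new IllegalStateException("LDAP bind failed");`. The connection is built from `ldaphost` and `ldapport`, which are never assigned (the config values go to the undeclared `ldapServerName` and to `ldapPortId`). In `hasAccount`, `username` is concatenated into the search filter unescaped, which allows LDAP filter injection; build it as `"(uid=" + FilterEncoder.encodeFilterValue(username) + ")"`, and close the cursor in a `finally` block because `return true` inside the loop skips `cursor.close()`.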
@@ -48,11 +120,53 @@ public void createAccount(String username, String sshPublicKey) {
 @Override
 public void installSSHKey(String username, String sshPublicKey) {
 // TODO: implement
+ // use Eric Coulter's LdapBazookaSearchAndAdd to accomplsih this
+ String GatewaySSHPublicKey = sshPublicKey;
+ String IULocalUserName = username;
+
+
+ /*
+ LdapConnectionConfig lcconfig = new LdapConnectionConfig();
+ lcconfig.setLdapHost(ldapservername);// LdapServerName = ldapserverName;//from ConfigParam should be like bazooka.hpc.iu.edu
+ lcconfig.setLdapPort(ldapPortId);// LdapPortID = ldapPortId;//from ConfigParam 636
+ lcconfig.setName(adminDN);// = adminName;//from ConfigParam sgrcusr
+ lcconfig.setCredentials(AdminPass);//from ConfigParam "lore footwork engorge"
+
+ DefaultLdapConnectionFactory lcfactory = new DefaultLdapConnectionFactory( lcconfig );
+ lcfactory.setTimeOut( connectionTimeout );
+ */
+
+ Modification addSSHPublicKeyAdd = new DefaultModification(ModificationOperation.ADD_ATTRIBUTE,"add","sshPublicKey");
+ Modification SSHPublicKey = new DefaultModification(ModificationOperation.ADD_ATTRIBUTE, "sshPublicKey",GatewaySSHPublicKey);
+ /*
+ Entry modentry = New DefaultEntry(
+ "cn=sgrcusr,dc=rt,dc=iu,dc=edu",
+ "ObjectClass: person",
+ "ObjectClass: ldapPublicKey",
+ "cn", username,
+ "dn", "uid=",username, "ou=bigred2-sgrc,dc=rt,dc=iu,dc=edu",
+ "add: sshPublicKey",
+ "sshPublicKey", GatewaySSHPublicKey );
+ */
+ try {
+ connection.modify(ldapBaseDN, addSSHPublicKeyAdd );//ldapmodify
+ connection.modify(ldapBaseDN, SSHPublicKey );
+ } catch (Exception e) {
+ System.out.println("Exception caught!", e);
+ System.out.println( e.getClass().getCanonicalName() );
+ System.out.println( e.getMessage() );
+ System.out.println( e.getCause() );
+ }
+
 }
 @Override
 public String getScratchLocation(String username) {
 // TODO: implement
- return null;
+ //if scratch location is available get it or else set a new scratch location for the user
+ String canonicalScratch = config.get(new ConfigParam("canonicalScratch"));//"/N/cd2/_USER_/scratch"
+ String scratchLocation = canonicalScratch.replace("_USER_",username);
+ return scratchLocation;
+ //return null;
 }
 }
diff --git a/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/SSHAccountProvisionerFactoryTest.java b/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/SSHAccountProvisionerFactoryTest.java
index 89e9ff77cc..54d5f1cd16 100644
--- a/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/SSHAccountProvisionerFactoryTest.java
+++ b/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/SSHAccountProvisionerFactoryTest.java
@@ -43,7 +43,7 @@ public void testGetSSHAccountProvisionerImplementationNames() {
 public void testGetSSHAccountProvisionerConfigParams() {
 List configParams = SSHAccountProvisionerFactory.getSSHAccountProvisionerConfigParams("TestSSHAccountProvisioner");
- Assert.assertEquals(4, configParams.size());
+ Assert.assertEquals(5, configParams.size());
 ConfigParam ldaphost = configParams.get(0);
 Assert.assertEquals("ldaphost", ldaphost.getName());
 Assert.assertEquals(ConfigParam.ConfigParamType.STRING, ldaphost.getType());
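Review bot: Both `connection.modify(ldapBaseDN, ...)` calls in `installSSHKey` target the base DN, and `IULocalUserName` is never used, so as written the key would be attached to the directory's base entry rather than to the user's entry; the target should be the user's own DN, built with the library's `Dn`/`Rdn` types so `username` is escaped rather than concatenated. The first modification adds an attribute named `add` with the value `sshPublicKey`, which looks like an LDIF directive carried into code and should be dropped. The catch block swallows every failure, so callers cannot tell that no key was installed, and the commented-out blocks repeat the bind password and should be removed. In `getScratchLocation`, `config` is only a parameter of `init` and not a field, and `username` is substituted into the path unvalidated, so a value containing `/` or `..` escapes the per-user directory; reject such names first, e.g. `if (!username.matches("[A-Za-z0-9_-]+")) throw new IllegalArgumentException("invalid username");`.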
@@ -51,11 +51,15 @@ public void testGetSSHAccountProvisionerConfigParams() {
 Assert.assertEquals("ldapport", ldapport.getName());
 Assert.assertEquals(ConfigParam.ConfigParamType.STRING, ldapport.getType());
 ConfigParam ldapUsername = configParams.get(2);
- Assert.assertEquals("ldap-username", ldapUsername.getName());
+ Assert.assertEquals("ldap_username", ldapUsername.getName());
 Assert.assertEquals(ConfigParam.ConfigParamType.STRING, ldapUsername.getType());
 ConfigParam ldapPassword = configParams.get(3);
- Assert.assertEquals("ldap-password", ldapPassword.getName());
+ Assert.assertEquals("ldap_password", ldapPassword.getName());
 Assert.assertEquals(ConfigParam.ConfigParamType.CRED_STORE_PASSWORD_TOKEN, ldapPassword.getType());
+ ConfigParam ldapBaseDN = configParams.get(4);
+ Assert.assertArrayEquals("ldapBaseDN", ldapBaseDN.getName() );
+ Assert.assertArrayEquals( ConfigParam.ConfigParamType.STRING,ldapBaseDN.getType() );
+
 }
 @Test
diff --git a/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/provisioner/TestSSHAccountProvisionerProvider.java b/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/provisioner/TestSSHAccountProvisionerProvider.java
index a8d2cb5f40..7eb4250250 100644
--- a/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/provisioner/TestSSHAccountProvisionerProvider.java
+++ b/modules/compute-account-provisioning/src/test/java/org/apache/airavata/accountprovisioning/provisioner/TestSSHAccountProvisionerProvider.java
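Review bot: The two added checks call `Assert.assertArrayEquals` with a `String` and an enum constant, for which JUnit has no matching two-argument overload, so the test class will not compile. They should read `Assert.assertEquals("ldapBaseDN", ldapBaseDN.getName());` and `Assert.assertEquals(ConfigParam.ConfigParamType.STRING, ldapBaseDN.getType());`. The test method starts outside this hunk.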
@@ -46,14 +46,18 @@ public List getConfigParams() {
 .setDescription("Port of LDAP server")
 .setOptional(false)
 .setType(ConfigParam.ConfigParamType.STRING));
- configParams.add(new ConfigParam("ldap-username")
+ configParams.add(new ConfigParam("ldap_username")
 .setDescription("Username for LDAP server")
 .setOptional(false)
 .setType(ConfigParam.ConfigParamType.STRING));
- configParams.add(new ConfigParam("ldap-password")
+ configParams.add(new ConfigParam("ldap_password")
 .setDescription("Password for LDAP server")
 .setOptional(false)
 .setType(ConfigParam.ConfigParamType.CRED_STORE_PASSWORD_TOKEN));
+ configParams.add(new ConfigParam("ldapBaseDN")
+ .setDescription( "Base DN for the ldap entry" )
+ .setOptional( false )
+ .setType( ConfigParam.ConfigParamType.STRING );
 return configParams;
 }
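Review bot: The added `ldapBaseDN` entry is missing a closing parenthesis: `.setType( ConfigParam.ConfigParamType.STRING );` closes `setType(` but not `configParams.add(`, so the file will not compile; the line should end `.setType(ConfigParam.ConfigParamType.STRING));`. The context above declares the port parameter as `STRING` while the provisioner in this commit stores `ldapport` into an `int`, so the consuming side needs an explicit `Integer.parseInt` with a range check rather than a direct assignment. The new name `ldapBaseDN` is camelCase next to the snake_case `ldap_username` and `ldap_password` introduced in the same hunk; one convention should be used. The method starts outside this hunk.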